Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/Jm8VskJ4LJNZQ8QOwPD958E7d6w.roa
File: Jm8VskJ4LJNZQ8QOwPD958E7d6w.roa (raw, json)
Hash identifier: eDctTKHz5As5GuoaduObkoU0knXo29+j2U2W6koVpPY=
Subject key identifier: 26:6F:15:B2:42:78:2C:93:59:43:C4:0E:C0:F0:FD:E7:C1:3B:77:AC
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 018E75759986B47A20A871E6FCC6A7CD4313
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/Jm8VskJ4LJNZQ8QOwPD958E7d6w.roa
Signing time: Mon 25 Mar 2024 11:53:45 +0000
ROA not before: Mon 25 Mar 2024 11:53:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 137.174.0.0/17 maxlen: 22
137.174.128.0/18 maxlen: 22
137.174.192.0/19 maxlen: 22
147.123.36.0/22 maxlen: 24
147.123.44.0/22 maxlen: 24
147.123.48.0/21 maxlen: 21
155.204.64.0/20 maxlen: 20
155.204.80.0/21 maxlen: 21
155.204.88.0/21 maxlen: 21
155.204.96.0/21 maxlen: 21
155.204.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.mft
rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:75:99:86:b4:7a:20:a8:71:e6:fc:c6:a7:cd:43:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Mar 25 11:53:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=266f15b242782c935943c40ec0f0fde7c13b77ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:74:f5:a1:af:ef:6f:0a:46:26:d2:c2:69:aa:
cd:92:8f:74:3e:be:e6:77:3e:28:0f:f4:9a:b2:e7:
79:7e:95:20:8d:39:41:8d:85:30:ee:b1:33:41:40:
37:26:2b:63:7c:88:15:55:16:75:96:2c:37:a0:21:
42:0b:ff:84:44:f8:7a:81:06:93:ec:7b:ed:38:43:
16:65:c3:6e:73:5e:a9:0d:1b:d8:ca:d2:b5:12:69:
1e:52:34:02:2d:ec:23:c9:12:47:c1:97:f9:21:17:
7f:00:70:73:ef:2b:da:2b:b3:6e:63:05:f0:91:6a:
da:fe:93:a9:5d:d3:93:e5:37:53:3f:da:65:44:ff:
4b:ea:f2:ba:f1:5c:f8:63:f8:88:3f:c9:3b:60:3d:
30:fc:a3:dd:cf:e3:71:eb:31:b4:c1:ba:cd:85:41:
32:d7:0b:c4:e8:c2:79:ce:15:3b:8c:b7:a7:48:17:
a9:d7:e1:96:be:b8:ed:17:6e:b4:35:ec:f0:75:cc:
8e:a8:ae:86:f0:b4:86:51:65:2e:da:c9:3e:d1:72:
1b:24:c8:9b:26:1f:ea:51:cd:02:10:33:cf:bc:34:
e4:e3:25:76:5f:c0:bf:c3:89:3d:64:e8:5a:b2:28:
dc:82:53:71:dc:80:c9:5c:43:d7:27:21:bf:d2:4a:
02:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:6F:15:B2:42:78:2C:93:59:43:C4:0E:C0:F0:FD:E7:C1:3B:77:AC
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/Jm8VskJ4LJNZQ8QOwPD958E7d6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.174.0.0-137.174.223.255
147.123.36.0/22
147.123.44.0-147.123.55.255
155.204.64.0-155.204.111.255
Signature Algorithm: sha256WithRSAEncryption
1b:88:bd:d8:65:fa:71:0f:29:1d:73:83:b1:f1:6f:e1:d6:57:
3a:88:50:a3:3f:f8:91:93:56:3d:b0:b4:42:68:ae:17:77:fc:
45:5e:72:20:89:8b:20:1a:b6:15:59:e6:6e:d5:1f:c4:c7:20:
d8:a0:54:28:1d:df:8b:4d:6d:96:7f:d8:10:87:26:3e:8e:c6:
c3:46:aa:1e:ec:20:76:09:43:62:3d:ae:f9:8c:ee:da:fe:9f:
ce:16:d9:62:45:a5:92:50:0a:cf:3c:46:8b:68:18:d5:e2:d3:
23:73:33:8e:4f:ba:81:22:d3:6d:df:bc:e1:cd:55:f4:1c:f5:
74:aa:28:02:49:53:c9:35:01:e7:ba:6c:68:20:29:45:1a:e0:
b0:a2:04:b2:6e:88:ed:0b:92:8d:49:23:06:47:06:a7:eb:e1:
ca:21:af:e0:60:43:5f:b8:ed:92:0c:b0:50:4c:b4:b4:cb:87:
76:3c:b1:d1:45:9a:92:5f:57:37:b3:26:3e:a3:c4:0d:9e:b5:
e8:af:2e:b0:ca:b6:34:d0:c8:54:95:95:8b:c7:e3:96:77:0a:
a0:ca:e6:27:d2:5f:a7:92:26:8c:bc:40:9a:72:e8:38:b4:4f:
27:b6:fd:e3:ba:eb:5d:99:69:74:54:a2:73:fd:2b:d7:07:59:
34:c9:c7:5a
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY51dZmGtHogqHHm/ManzUMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjQwMzI1MTE1MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjZmMTViMjQyNzgyYzkzNTk0M2M0MGVjMGYwZmRlN2MxM2I3N2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHT1oa/vbwpGJtLCaarNko90Pr7m
dz4oD/Sasud5fpUgjTlBjYUw7rEzQUA3JitjfIgVVRZ1liw3oCFCC/+ERPh6gQaT
7HvtOEMWZcNuc16pDRvYytK1EmkeUjQCLewjyRJHwZf5IRd/AHBz7yvaK7NuYwXw
kWra/pOpXdOT5TdTP9plRP9L6vK68Vz4Y/iIP8k7YD0w/KPdz+Nx6zG0wbrNhUEy
1wvE6MJ5zhU7jLenSBep1+GWvrjtF260NezwdcyOqK6G8LSGUWUu2sk+0XIbJMib
Jh/qUc0CEDPPvDTk4yV2X8C/w4k9ZOhasijcglNx3IDJXEPXJyG/0koCGQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFCZvFbJCeCyTWUPEDsDw/efBO3esMB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEvSm04VnNrSjRMSk5aUThRT3dQRDk1OEU3ZDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAATAvMAsDAwGJrgME
BYmuwAMEApN7JDAMAwQCk3ssAwQDk3swMAwDBAabzEADBASbzGAwDQYJKoZIhvcN
AQELBQADggEBABuIvdhl+nEPKR1zg7Hxb+HWVzqIUKM/+JGTVj2wtEJorhd3/EVe
ciCJiyAathVZ5m7VH8THINigVCgd34tNbZZ/2BCHJj6OxsNGqh7sIHYJQ2I9rvmM
7tr+n84W2WJFpZJQCs88RotoGNXi0yNzM45PuoEi023fvOHNVfQc9XSqKAJJU8k1
Aee6bGggKUUa4LCiBLJuiO0Lko1JIwZHBqfr4cohr+BgQ1+47ZIMsFBMtLTLh3Y8
sdFFmpJfVzezJj6jxA2eteivLrDKtjTQyFSVlYvH45Z3CqDK5ifSX6eSJoy8QJpy
6Di0Tye2/eO6612ZaXRUonP9K9cHWTTJx1o=
-----END CERTIFICATE-----
Generated at Sun May 5 00:31:15 2024 by rpki-client on console-fra.rpki-client.org